Sensitive Data Exposure

Be aware and alert

How

 Vulnerabilities in -Backed up devices -Temporary data storage devices

 Walls have ears

 Logs

 Logs/Records/Documents left unattended to

 Known vulnerabilities -In the application -In the configuration and code -Server side vulnerabilities

 Social engineering

Protect the data

 In memory

 In transit

 And at rest

Communication

 Internal

  Over the wires -Emails -Sites browsed and trials left -Suspicious attachments in email

  Talks -Casual/business -Telephonic -Coffee table conversations

 External

  Press releases Blogs

Prevent

 Avoid sharing sensitive and valuable information in a restricted zone

 Measure, check and prevent suspicious activities Try not to standardize but do sensitize

 In-house hacking team - hack yourself before the others do

 Report the presence of any suspicious device, person

 Have an easily accessible system to report and review the tickets raised of such activities

 Audit and strip off access to sensitive data -From retired employee -Unauthorized users -Maintenance and service provider teams after the contract expires

Tips

 -Create awareness throughout the organization

 -Create a dream team dedicated to safeguard the data

 -Introduce your team to secure information sharing

 -Review the information accessed and shared

 -Share worthy information only to be circulated

 -Know and buy hardware and software requirements from a well researched vendor

 -Learn the reputation of your Internet Service Provider

 -Hire people after meticulous background check

 Be aware of any known threats and Be alert about unknown threats